HIPAA Compliance for Clinical Texting
HIPAA Compliance for Clinical Texting
Why HIPAA Compliance for Clinical Texting is an Issue
HIPAA compliance for clinical texting has grown into an issue as the use of personal mobile devices has increased in the healthcare industry. Statistics are often quoted that 87% of physicians (Manhattan Research) and 67% of nurses (American Nurse Today) use Smartphones in the workplace to “support their workflow”, but a more in-depth study conducted by Wolters Kluwer in 2013 gave a better insight into the nature of mobile device use and the risks to the integrity of Protected Health Information (PHI).
According to the study, 44% of clinicians use a personal mobile device to communicate with colleagues and nurses, 17% of clinicians access patient data from their Smartphones for healthcare purposes and 12% of clinicians compile billing information from data accessed by their personal mobile devices. Each of these actions can potentially result in a breach of PHI, but the volume of healthcare-related communications with colleagues and nurses is a major issue in regard to HIPAA compliance.
Clinicians sending texts or emails containing PHI from their mobile devices have no control over the destination of the message. Messages can be intercepted on open cellphone networks and public WiFi services, lost or stolen Smartphones expose PHI to the risk of unauthorized access, and PHI could be disclosed to a passer-by if a mobile device is left unattended. With the possibility of fines of up to $50,000 per day for a breach of PHI, HIPAA compliance for clinical texting is more than just a compliance issue – it can become a financial issue as well.
How Secure Text Messaging Resolves the Compliance Issue
Secure text messaging is a method of ensuring HIPAA compliance for clinical texting that is simple to implement and cost-effective. Secure text messaging solutions work by creating a private network through which all communications are channeled using secure messaging apps. The apps resemble commercially available messaging apps, but comply with the administrative, physical and technical safeguards of the HIPAA Security Rule for protecting the integrity of PHI in transit.
Because text messages containing PHI are encrypted and encapsulated within the communications network, there is no risk of messages being intercepted over open cellphone networks and public WiFi services. Further security measures enable the remote PIN-locking of the apps if a Smartphone is lost or stolen to prevent unauthorized access to PHI, while an automatic time out feature logs a user out of the app after a period of inactivity to prevent “passer-by” access.
When secure text messaging solutions are integrated with EHRs, clinicians can still access patient data for healthcare purposes and to compile billing information, but without the risk of a breach of PHI. According to a study conducted by the Tepper School of Business at the Carnegie Mellon University, EHR integration can lead to a 27 percent reduction in patient safety issues and a 30 percent reduction in medication errors – a compelling reason to evaluate HIPAA compliance for clinical texting.
The Financial Benefits of Secure Clinical Texting
One of the primary compliance issues resolved by secure text messaging is message accountability. All activity on a HIPAA compliant communications network is logged and monitored, ensuring that every message is accounted for. This feature – combined with delivery notifications and read receipts – significantly reduces phone tag and frees up more time for healthcare providers to attend to their healthcare duties, thus enhancing productivity.
Healthcare organizations that have implemented solutions to facilitate HIPAA compliance for clinical texting also report that secure text messaging accelerates the flow of communication, enabling healthcare providers to streamline their workflows. Group messaging functions foster collaboration between healthcare providers and have also been shown to accelerate hospital admissions and patient discharges.
The cost-effectiveness of secure text messaging is also an important consideration. Solutions for HIPAA compliance for clinical texting cost nothing to install and have very low operating costs. As the solutions are cloud-based, there is no hardware to buy, no complicated software to install that will exhaust the resources of an IT department, and – due to the familiar text-like interfaces of the secure text messaging apps – there is a quick uptake for the use of the solution by healthcare providers.